Top 10 threat predictions in 2012

by CXOtoday staff    Jan 04, 2012

McAfee Labs lists some key threat predictions that include high-profile industrial attacks, cyber warfare demonstrations and new hacktivist targets.

Emerging threats for cyber activity in 2012, include mobile banking, legal spam and virtual currency, according to predictions by McAfee Labs. They also predict that attacks involving political motivation or notoriety will also make headlines, including high-profile industrial attacks, cyber warfare demonstrations and hacktivist attacks targeting public figures.

“Many of the threats that will become prominent in 2012 have already been looming under the radar in 2011,” said Vincent Weafer, Senior Vice President of McAfee Labs. “In the meantime, we continue to see cyber criminals improving their toolkits and malware, ready to make a significant impact in 2012.”

Threat predictions:

Industrial attacks - cyber criminals target utilitiesWater, electricity, oil and gas are essential to people’s everyday lives, yet many industrial systems are not prepared for cyber attacks. Many of the environments where SCADA (supervisory control and data acquisition) systems are deployed do not have stringent security practices. Attackers will continue to leverage this lack of preparedness, if only for blackmail or extortion in 2012.

Advertisers will legalize spam
Legitimate advertisers are picking up where the spammers left off, using the same spamming techniques, such as purchasing email lists of users who have consented to receive advertising or purchasing customer databases from companies going out of business.

Mobile threats - Attackers will bypass PCs
In 2012, McAfee Labs expects that mobile attackers will improve on their skill sets and move towards mobile banking attacks, as more and more users handle their finances on mobile devices.

Embedded hardware - promised land for sophisticated hackers
Embedded systems are designed for a specific control function within a larger system and are commonly used in automotive, medical devices, GPS devices, routers, digital cameras and printers. We will see proofs-of-concept codes exploiting embedded systems to become more effective in 2012 and beyond.

Hacktivism - joining forces online
Either the true anonymous group will reinvent itself, or die out. Additionally, those leading the digital disruptions will join forces with physical demonstrators, and will target public figures such as politicians, industry leaders, judges and law enforcement.

Virtual currency: A cyber criminal payment plan
Virtual currency, sometimes called cyber currency, has become a popular way for people to exchange money online. McAfee Labs expects to see this threat evolve into spam, data theft, tools, support networks and other associated services dedicated to solely exploiting virtual currencies, in order to steal money from unsuspecting victims or to spread malware.

Cyber war
Countries are vulnerable due to massive dependence on computer systems and a cyber defense that primarily defends only government and military networks. One can expect countries demonstrate their cyber war capabilities in 2012, in order to send a message.

Rogue certificates
Organizations and individuals tend to trust digitally signed certificates; however, recent threats such as Stuxnet and Duqu used rogue certificates to evade detection. Predictions say the production and circulation of fake rogue certificates will increase in 2012.

Tomorrow’s Internet looks more like yesterday’s Internet
Domain Name System Security Extensions (DNSSEC) is meant to protect a client computer from inadvertently communicating with a host as a result of a man-in-the-middle attack. Such an attack redirects the traffic from the intended server (Web page, email, etc.) to another server. Governing bodies around the globe are taking greater interest in establishing rules of the road for Internet traffic, and McAfee Labs expects to see more and more instances in which future solutions are hampered by legislative issues.

Advances in operating systems moves hackers down and out
New security features baked into the core of the operating system will cause hackers to find alternate entryways; down into the hardware and out of the operating system.